diff options
Diffstat (limited to 'spec/controllers/jira_connect')
| -rw-r--r-- | spec/controllers/jira_connect/events_controller_spec.rb | 37 |
1 files changed, 30 insertions, 7 deletions
diff --git a/spec/controllers/jira_connect/events_controller_spec.rb b/spec/controllers/jira_connect/events_controller_spec.rb index d1a2dd6e7af..8a07f69e480 100644 --- a/spec/controllers/jira_connect/events_controller_spec.rb +++ b/spec/controllers/jira_connect/events_controller_spec.rb @@ -4,14 +4,20 @@ require 'spec_helper' RSpec.describe JiraConnect::EventsController do describe '#installed' do - subject do - post :installed, params: { - clientKey: '1234', - sharedSecret: 'secret', + let(:client_key) { '1234' } + let(:shared_secret) { 'secret' } + let(:params) do + { + clientKey: client_key, + sharedSecret: shared_secret, baseUrl: 'https://test.atlassian.net' } end + subject do + post :installed, params: params + end + it 'saves the jira installation data' do expect { subject }.to change { JiraConnectInstallation.count }.by(1) end @@ -19,15 +25,15 @@ RSpec.describe JiraConnect::EventsController do it 'saves the correct values' do subject - installation = JiraConnectInstallation.find_by_client_key('1234') + installation = JiraConnectInstallation.find_by_client_key(client_key) - expect(installation.shared_secret).to eq('secret') + expect(installation.shared_secret).to eq(shared_secret) expect(installation.base_url).to eq('https://test.atlassian.net') end context 'client key already exists' do it 'returns 422' do - create(:jira_connect_installation, client_key: '1234') + create(:jira_connect_installation, client_key: client_key) subject @@ -35,6 +41,23 @@ RSpec.describe JiraConnect::EventsController do end end + context 'when it is a version update and shared_secret is not sent' do + let(:params) do + { + clientKey: client_key, + baseUrl: 'https://test.atlassian.net' + } + end + + it 'validates the JWT token in authorization header and returns 200 without creating a new installation' do + create(:jira_connect_installation, client_key: client_key, shared_secret: shared_secret) + request.headers["Authorization"] = "Bearer #{Atlassian::Jwt.encode({ iss: client_key }, shared_secret)}" + + expect { subject }.not_to change { JiraConnectInstallation.count } + expect(response).to have_gitlab_http_status(:ok) + end + end + describe '#uninstalled' do let!(:installation) { create(:jira_connect_installation) } let(:qsh) { Atlassian::Jwt.create_query_string_hash('https://gitlab.test/events/uninstalled', 'POST', 'https://gitlab.test') } |